Collect Logs for Amazon Web Services' (AWS) Elastic Load Balancer (ELB) Application App
The Application Load Balancer Access Log introduces two new fields in addition to the fields contained in Classic ELB Access log:
Type - This is the type of request or connection (HTTP, HTTPS, H2, ws, wss)
Target_group_arn - This is the Amazon Resource Name (ARN) of the target group
The logs are stored in a .gzip format in the specified S3 bucket and contain these fields in this order:
timestamp, elb, client:port, target:port, request_processing_time, target_processing_time, response_processing_time, elb_status_code, target_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol, target_group_arn, trace_id
For more details on the ALB Access log, see the AWS documentation.
Collect Logs for AWS ALB
Before you can begin to use the Sumo Logic App for Application Load Balancing, complete the following steps:
Grant Sumo Logic access to an Amazon S3 bucket.
Confirm that logs are being delivered to the Amazon S3 bucket.
Add an AWS ALB Source to Sumo Logic.
- Install the Sumo Logic App for AWS ELB - Application App.